Saturday, October 1, 2011

Bloggers Beware: Cloaked Malicious Links As Referrals

Bloggers Beware: Cloaked Links Can Be Malicious

Bloggers Beware of Malicious Link Cloaking

As bloggers, we often get excited when studying the statistics of our blog traffic. We like to find out where our traffic is coming from. One way to identify new traffic sources is to check the Referring URLs. In other words, we are checking what specific sites have been sending traffic to our site.

In the Bloggers Beware image at the top of this post, you can see a sample of some of the sites that have been reffering traffic to one of my blogs. In the above image you can see Referring URLs from:

Because they are links back to a malicious site. By cloaking the link, the malicious attacker is increasing the odds of you clicking on that link and visiting the malicious site. This also explains the 28 referrals coming from the malicious site. There is no real traffic coming from this cloaked site. A potential attacker is cloaking the links and automating the process of sending false referrals in attempts to get me to click on the malicious links. How do I know they are malicious? I did a internet search for the site url that this cloak re-directs to and sure enough this link re-directs to a malicious code site.

So bloggers be careful! Be careful when clicking on these types of cloaked links as they can comprimise the security of your site and your computer. This doesn't mean that all cloacked or link shortened links are malicious. You may even see shortened links from links that you may have posted to various social media sites. Links from Twitter (built in link shorteners) and Aweber (if you have it set to post to your Facebook or Twitter) can appear this way as well. See where it starts to get easy to fall into the trap? Don't just think it is safe to start clicking on links in your Referral URLs report without investigating first. Always be smart and safe about what you click or download on the web.

I hope this post saves some other bloggers from the malicious attempts of cloaked Referral URLs.